Trust evidence

Security architecture

Show the public security model behind record preparation and controlled sharing.

Evidence status

Published summary

MedDossier separates public intake, authenticated workspaces, role-limited review, and authorized share access. This page is a public architecture summary, not an external certification.

Last updated: 2026-06-14

Currently published

Role-limited workspace boundaries are described for patient, operations, reviewer, translator, and hospital-facing views.

Share access is treated as separate from upload and packet preparation.

The public security page explains expiring links, scoped access, and request paths.

Available during partner/security review

Architecture walkthrough for institution reviewers.

Access-control review notes for proposed partner workflows.

Security questionnaire responses scoped to the intended workflow.

Not yet published

Independent penetration-test report.

Third-party security certification report.

Public production environment evidence package.

Review boundary

Evidence review is separate from launch clearance.

Uploading records, preparing records, patient confirmation, and external sharing remain separate steps. Institution workflows require partner/security/legal review before live use.

Trust Center Security page

Security page API security